Ce contenu n'est pas disponible dans la langue sélectionnée.

16.2. Generate a key store and a masked password


Password masking uses a public/private key pair to encrypt passwords. You need to generate a key pair for use in password masking. By default JBoss Enterprise Application Platform 5 expects a key pair with the alias jboss in a key store at jboss-as/bin/password/password.keystore.
The following procedures follow this default configuration. If you wish to change the key store location or key alias you will need to change the default configuration, and should refer to Section 16.6, “Changing the password masking defaults” for instructions.

Procedure 16.2. Generate a key pair and key store for password masking

  1. At the command line, change directory to the jboss-as/bin/password directory.
  2. Use keytool to generate the key pair with the following command:
    keytool -genkey -alias jboss -keyalg RSA -keysize 1024 -keystore password.keystore
    Copy to Clipboard Toggle word wrap
    Important:

    You must specify the same password for the key store and key pair

  3. Optional:

    Make the resulting password.keystore readable by the JBoss Application Server process owner only.

    On Unix-based systems this is accomplished by using the chown command to change ownership to the JBoss Application Server process owner, and chmod 600 password.keystore to make the file readable only by the owner.
    This step is recommended to increase the security of your server.
    Note: the JBoss Application Server process owner should not have interactive console log in access. In that case you will be performing these operations as another user. Creating masked passwords requires read access to the key store, so you may wish to complete configuration of masked passwords before restricting the key store file permissions.
For more on key stores and the keytool command, refer to Section 15.1, “SSL Encryption overview”.
Retour au début
Red Hat logoGithubredditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance. Découvrez nos récentes mises à jour.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez le Blog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

Theme

© 2025 Red Hat